We’re looking for an experienced Cyber Security Operations Manager to join our Cyber Security team in Kilbirnie Street, Glasgow.
We offer:
- 33 days’ annual leave
- Flexible leave
- Generous employee discounts
- Private healthcare
- Workplace pension
- …and much more
Location
The role is based at our Kilbirnie Street, Glasgow, office, but we offer hybrid working, so working from home some days of the week is also available.
Hours
This is a full-time position: Monday–Friday, 8.30am - 5pm
About the role
The successful candidate will be responsible for the team responding to security alerts, liaising with the SMEs and users on said alerts, and managing vulnerabilities in Arnold Clark.
The successful candidate will work very closely with internal teams as well as with our managed service partners to ensure events and alarms are investigated to resolution, and to influence remediation of vulnerabilities in our systems.
Key responsibilities
- Team and outsourced MDR capability management, including out-of-hours response.
- Continuous improvement and development of the cyber incident response plan, playbooks and processes that allow the security operations team to respond to incidents rapidly and effectively.
- Building effective security operations capabilities and using purple team engagements to tune and validate detection tooling and response processes.
- Working collaboratively with IT teams to remediate vulnerabilities identified through penetration testing and vulnerability scanning.
- Planning and coordination of large-scale security incident response, remediation and recovery efforts involving multiple parties and teams.
- Ensure that all security events and incidents are responded to in accordance with the established work instructions, including remedial action/recommendations.
- Maintain currency in security concepts, tools, and best practices.
- Manage the delivery of daily/weekly security reports.
- Manage the delivery of vulnerability management and compliance scanning processes.
- Liaising with stakeholders across the business on reduction of vulnerabilities.
- Manage email security monitoring and response to phishing incidents.
Internal stakeholders
- Internal technical teams
- Internal business non-technical teams
External stakeholders
- Cyber Security MSSP vendors
Required experience and skills
- A robust understanding of:
  - The typical techniques used by Threat Actors.
  - Preventing and detecting common attack techniques, as outlined in the MITRE ATT&CK framework.
- Awareness of tuning and configuring cyber security tools, such as SIEM and EDR tooling, and how enterprise IT networks, Active Directory and Azure AD operate.
- Service management of key partners.
- People management inclusive of line management, coaching and mentoring.
Key measures
- Ability to work under the direction of the Head of Cyber Security.
- Ability to complete investigation reports in line with processes.
- A desire to learn and seek knowledge of all aspects of cyber security.
- Assisting all members of Cyber Security and beyond with queries regarding security operation.
- Establish and maintain relationships with internal stakeholders and security partners.
- Ability to evidence improvements in security operations processes and key performance indicators (KPIs).
- Ability to influence the business on selection of adequate KPIs and holding the team and stakeholders accountable to those.
Arnold Clark is committed to creating a diverse and inclusive workplace. We strive to create an environment where collaboration, unique perspectives and multiple approaches are celebrated. We care about our employees and our communities, we nurture talent and encourage ambition, and we are passionate about people who take pride in their work. Our employees are at the heart of everything we do – diverse in our make-up, united in our goals.
To find out more about Life at Arnold Clark, visit our website.
Employment within the Arnold Clark Group is offered subject to satisfactory reference and disclosure checks.